Skills
skills/stvlynn/qclaw-skills/news-summary/Gen Agent Trust Hub

news-summary

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Retrieves news content from official RSS feeds of trusted organizations, including the BBC, Reuters, NPR, and Al Jazeera. It also utilizes the official OpenAI API for text-to-speech generation.\n- [COMMAND_EXECUTION]: Employs standard system utilities like curl, grep, and sed to retrieve and process data from defined endpoints. These tools are used appropriately for text parsing.\n- [SAFE]: Indirect Prompt Injection Surface Analysis:\n
  • Ingestion points: Headlines and descriptions from external RSS feeds enter the agent's context (SKILL.md).\n
  • Boundary markers: The skill does not implement specific delimiters or 'ignore' instructions for the fetched content.\n
  • Capability inventory: Limited to web retrieval, basic text processing, and audio file creation via OpenAI.\n
  • Sanitization: Uses sed to strip HTML and XML tags from the retrieved news content before processing, reducing the risk of schema confusion.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 04:45 PM